Phishing

Don't take the bait

Cybercriminals use phishing—a type of social engineering—to manipulate people to click a link, open a file or share their username and password. Phishing attacks attempt to target your payment card data, gain control of your device or access your accounts. More than 90% of data breaches started with a phishing scam.

How to recognize a phishing attack

A URL inconsistent with the message (Ex. a message that claims it’s from the help desk, but does not have “ucdenver” in the URL)

Spelling errors, poor grammar and odd formatting

A reply-to email address that is not from "ucdenver.edu"

A request for a password or other sensitive data

Generic greetings, like "Dear customer"

Threat to delete account if no action is taken

Remember that legitimate companies and organizations will never ask for passwords, social security numbers, and other sensitive data via email.

How to know if your account is compromised

Can’t login to your account because hacker changed the password or it’s clearly disabled or locked